Bluetooth is a wireless technology standard for exchanging data over short distances using short-wavelength radio transmissions in the ISM band from 2400-2480 MHz from fixed and mobile devices. Bluetooth uses a process called pairing to control which devices are allowed to connect to a given Bluetooth device and establish a connection without user intervention (e.g., as soon as the devices are in range). The pairing process is triggered either by a specific request from a user to pair devices, or it is triggered automatically when connecting to a service for the first time where the identity of a device is required.
Pairing typically involves some level of user interaction to authenticate the identity of the devices. Once pairing successfully completes, a bond will have been formed between the two devices, enabling the two paired devices to connect to each other in the future without repeating the pairing process. During the Bluetooth pairing process, the two devices involved establish a relationship by creating a link key which is shared and stored on both devices. If a link key is stored by both devices, the devices are said to be paired. The link key is then exchanged in all subsequent transactions. A device that wants to communicate only with a paired device can cryptographically authenticate the identity of the other device to ensure it is the same device it previously paired with. Once a link key has been generated, an authenticated Asynchronous Connection-Less (ACL) link between the devices may be encrypted so that any data exchanged is protected against eavesdropping.
The identity of the devices to be paired may be authenticated using a personal identification number (PIN) code, which may be an ASCII string up to 16 characters in length, for example. If a fixed PIN is associated with a first device, a user of the second device may enter the PIN code associated with the first device into the second device. Upon receiving the correct PIN code, the second device is able to successfully authenticate the first device and the devices establish a communication link, in order to complete the Bluetooth pairing. However, some users may have difficulty typing the code and the manual entry may be viewed by observers.
Many devices employ a simple numeric PIN code, such as a 4-digit PIN code for example, which is frequently fixed in memory at the device (e.g., “0000”). In particular, devices such as headsets that have a limited user interface are likely to have fixed PIN codes. With little or no user interface, devices that use a randomly generated pairing code become very cumbersome as there is no way to relay the code to the user. However, while the “0000” approach works for users/environments where secure device pairing is not important, it is problematic in environments where security is important.
Other Bluetooth devices may utilize the Secure Simple Pairing (SSP) process described in the Bluetooth Specification Revision 2.1, which is hereby incorporated by reference in its entirety. In particular, devices having a limited user interface often employ a simplified version of the “Numeric Comparison” pairing Association Model, where the simplified version is often referred to as “Just Works” pairing. In the “Numeric Comparison” model, both devices to be paired calculate a random six digit user confirmation value that only the devices know, and each device displays the number on its screen. The user compares the displayed numbers to ensure they match and presses a button on each device to confirm. Devices with a limited user interface and no display may utilize the “Just Works” simplification, whereby user confirmation is assumed and pairing is performed without actual user confirmation of the calculated six digit number. While the “Just Works” approach offers an optimal user experience on certain devices, current implementations are problematic in environments where security is important.
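The following added example (illustration only, not code from the original document) simulates the user-confirmation step of the “Numeric Comparison” model and the “Just Works” simplification described above. The Bluetooth Core Specification defines the check function g(U, V, X, Y) = SHA-256(U || V || X || Y) mod 2^32 and displays g mod 10^6, where U and V are the two ECDH public-key values and X and Y the two 128-bit nonces. The public keys below are stand-in byte strings (assumption: only their distinctness matters for the check), the man-in-the-middle is modelled abstractly as a party whose key and nonce reach each legitimate device in place of its peer's, and all sample values are constructed.

```python
"""Simulation of the SSP Numeric Comparison confirmation check and of the
Just Works simplification that skips it (added example, not from the page)."""
import hashlib


def g(u: bytes, v: bytes, x: bytes, y: bytes) -> int:
    """Core Specification check value: SHA-256(U || V || X || Y) mod 2^32."""
    digest = hashlib.sha256(u + v + x + y).digest()
    return int.from_bytes(digest, "big") % (1 << 32)


def displayed_value(u: bytes, v: bytes, x: bytes, y: bytes) -> int:
    """The six-digit number a device shows to its user: g(...) mod 10^6."""
    return g(u, v, x, y) % 1_000_000


def pairing_views(pk_a, na, pk_b, nb, mitm=None):
    """Return (value shown on device A, value shown on device B).

    Without an interposed device both sides hash the same four inputs.
    With one, A receives the rogue device's key and nonce instead of B's and
    B receives the rogue device's instead of A's, so the two displays are
    computed over different inputs and disagree with probability ~1 - 1e-6.
    mitm is a dict {"pk": bytes, "n_to_a": bytes, "n_to_b": bytes} (assumed shape).
    """
    if mitm is None:
        shown_on_a = displayed_value(pk_a, pk_b, na, nb)
        shown_on_b = displayed_value(pk_a, pk_b, na, nb)
    else:
        shown_on_a = displayed_value(pk_a, mitm["pk"], na, mitm["n_to_a"])
        shown_on_b = displayed_value(mitm["pk"], pk_b, mitm["n_to_b"], nb)
    return shown_on_a, shown_on_b


def user_confirms(shown_on_a: int, shown_on_b: int, model: str) -> bool:
    """Outcome of the confirmation step under each association model.

    Numeric Comparison: the user accepts only if both displays match.
    Just Works: confirmation is presumed, so the comparison is never made.
    """
    if model == "numeric_comparison":
        return shown_on_a == shown_on_b
    if model == "just_works":
        return True
    raise ValueError(f"unknown association model: {model}")


# Constructed sample values, fixed so the run is repeatable.
PK_A = bytes.fromhex("aa" * 32)   # stand-in for device A's public key
PK_B = bytes.fromhex("bb" * 32)   # stand-in for device B's public key
PK_M = bytes.fromhex("ee" * 32)   # stand-in for the rogue device's public key
N_A = bytes.fromhex("01" * 16)    # 128-bit nonces
N_B = bytes.fromhex("02" * 16)
N_M1 = bytes.fromhex("03" * 16)
N_M2 = bytes.fromhex("04" * 16)

MITM = {"pk": PK_M, "n_to_a": N_M1, "n_to_b": N_M2}


def scenario(model: str, attacked: bool) -> bool:
    """True if pairing completes under the given model and attack setting."""
    a, b = pairing_views(PK_A, N_A, PK_B, N_B, MITM if attacked else None)
    return user_confirms(a, b, model)


if __name__ == "__main__":
    for model in ("numeric_comparison", "just_works"):
        for attacked in (False, True):
            print(f"{model:19s} interposed={attacked!s:5s} "
                  f"pairing accepted={scenario(model, attacked)}")
```

Running it shows the point of the passage: under Numeric Comparison the two displays differ when a third device sits between the legitimate ones, so the user's comparison refuses the pairing, whereas Just Works presumes confirmation and accepts the pairing in both the honest and the interposed case, which is exactly the gap the text describes for display-less devices.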
By itself, the use of a fixed PIN or presumed user confirmation for device pairing is fundamentally insecure, allowing an unauthorized device to pair with a target device when the target device is in pairing mode. Bluetooth security attacks include eavesdropping, unauthorized device control, unauthorized access to personal data, denial of service, and identity detection. Bluetooth devices may be subject to “Man-in-the-Middle” attacks, whereby an unauthorized device (also referred to as a rogue device) insinuates itself into the pairing process between two legitimate devices. The unauthorized device responds to both legitimate devices during the pairing process, fooling the legitimate devices into believing they have located each other. Instead, the legitimate devices are communicating with and through the unauthorized device, which thereby gains the full trust of both devices. The unauthorized device is thus able to eavesdrop on communications and take control of the legitimate devices. Bluetooth headsets in particular are exposed to compromised telephony commands that hijack the functions and content of an associated mobile phone, as well as to compromised voice conversations.
As a result, improved methods and apparatuses for pairing of wireless devices are needed.